Webhook Triggers

Triggers create webhook endpoints that allow external services to invoke your Agents via HTTP. When a service like GitHub, Slack, or Stripe sends a webhook, the payload is validated, transformed, and used to start a new conversation with your Agent.

How Triggers Work

External service sends a webhook to your trigger's URL
Authentication is verified (custom headers or signature)
Payload is validated against the input schema (if configured)
Payload is transformed using the message template
Invocation is logged and the webhook returns immediately with 202 Accepted
Agent processes the message asynchronously in a new conversation

When to Use Triggers

Triggers are ideal for:

Use Case	Example
CI/CD pipelines	Trigger code review agents on PR creation
Customer events	Respond to Stripe payment webhooks
DevOps alerts	Process PagerDuty or Datadog alerts
Chat integrations	Handle Slack or Discord messages
Form submissions	Process Typeform or webhook-enabled forms
Scheduled tasks	Invoke agents from cron jobs or schedulers

Trigger Configuration

Each trigger is configured with:

Required

Name: Human-readable identifier for the trigger
Message Template: Template that converts the webhook payload into a message for the Agent

Optional

Input Schema: JSON Schema to validate incoming payloads
Authentication: Custom headers with expected values
Signing Secret: HMAC-SHA256 signature verification (for GitHub, Slack, etc.)
Output Transform: Reshape payloads before interpolating the message template. Choose one approach:
- Object Transformation: Simple field remapping (recommended for basic use cases)
- JMESPath: Complex transformations like filtering arrays or restructuring nested data

Authentication Options

Triggers support flexible header-based authentication:

Configuration	Use Case
Custom header (e.g., `X-API-Key`)	Simple API key authentication
`Authorization` header with Bearer token	OAuth-style authentication
Multiple headers	Multi-factor authentication
Signing secret only	Webhooks from services that sign requests
No authentication	Public webhooks (use with caution)

// Example: Require a custom API key header
authentication: {
  headers: [
    { name: "X-API-Key", value: process.env.MY_API_KEY },
  ],
}

Note

Header values are securely hashed before storage. For services that sign webhooks (GitHub, Stripe, Slack), you can rely on signingSecret alone for security.

Webhook URL Format

After creating a trigger, the webhook URL follows this pattern:

POST https://<your-run-api>/tenants/{tenantId}/projects/{projectId}/agents/{agentId}/triggers/{triggerId}

You can find the complete webhook URL in the API response when creating or listing triggers.

Invocation Tracking

Every webhook invocation is tracked with:

Status: pending → success or failed
Request Payload: The original webhook body
Transformed Payload: The payload after transformation
Conversation ID: The conversation created for this invocation
Error Message: Details if the invocation failed

This allows you to monitor webhook activity, debug failures, and audit trigger usage.

Example: GitHub Issue Handler

Here's a conceptual example of a trigger that responds to GitHub issues:

// When GitHub sends: { action: "opened", issue: { title: "Bug report", body: "..." }, ... }
// The trigger creates a message like:
// "New GitHub issue opened: Bug report\n\nDescription: ..."
// And starts a conversation with your support agent

The Agent then processes this message like any other conversation, using its configured tools and sub-agents to respond.

How Triggers Work

When to Use Triggers

Trigger Configuration

Required

Optional

Authentication Options

Webhook URL Format

Invocation Tracking

Example: GitHub Issue Handler

Next Steps

Define Triggers in Code

Chat API

On this page